Benefits of Least Privilege Security on the desktop

Least Privilege Security is often applied to servers as a matter of course, but the idea of desktop security is regularly limited to the concept of antivirus software and possibly a personal firewall. The benefits that least privilege brings to servers also apply to desktops.

Change and configuration management

Though considered a security principle, the biggest benefit of Least Privilege Security is that it aids change and configuration management. Every time you log in to a computer with administrative privileges, there's the potential that the system's configuration may undergo unsanctioned changes, knowingly or otherwise. Least privilege helps to maintain the intended configuration of a system, but at the same time giving the flexibility to change it (if permitted by corporate policy enables System Administrators to maintain) and manage who can change what. Least Privilege Security enables system administrators maintain better standardized environments and reduce support costs. If the helpdesk can be reasonably certain of a system's configuration, it's much easier to support that system. If users are allowed to change important configuration settings without a good reason, the help desk faces a much tougher job, increasing the time required to resolve problems, thus driving up costs.

Least Privilege Security also prevents users from circumventing controls implemented by system administrators. If a user has administrative privileges, with the right knowledge, it's possible to circumvent Group Policy. Ultimately, if a user has administrative privileges, there's likely a way to break into a system even if other controls are in force.

Good change and configuration management provides stability. How often are support staff faced with queries such as it was working ok yesterday? Computers don't stop working without a reason. Something must have changed. If system administrators can prevent unwanted change, these types of queries can be reduced. Wouldn't it be nice to know that every time a user switches on their system, they can be sure that it will work as expected?

Damage limitation

If users are prevented from making unintentional changes to critical system components on the desktop, the risk of malicious or unsanctioned software finding its way onto corporate systems is significantly reduced. The likelihood of users being infected with drive-by internet attacks, rootkits, or worms is minimized as users need to specifically give permission for such software to run. A large number of today's malicious programs require administrative privileges to install. Therefore, a standard user is far less likely to infect a machine accidentally. Even if a standard user account becomes infected with a virus, the damage it can do is considerably less than if they had been granted administrative privileges.

You may be thinking that there are ways around some of the protections that Least Privilege Security provides, and you would be right. However, it must be understood that Least Privilege Security should be used as one layer of a comprehensive defense-in-depth strategy, and that other technologies such as Software Restriction Policies, Windows Firewall, and antivirus software, should be deployed to provide complete protection.

Regulatory compliance

Many organizations are subject to regulatory compliance, and all such regulations require that users are given only the privileges required to complete their work. Even if your business is not subject to regulation, it should be considered best practice to implement Least Privilege Security, to boost customer trust. Sensitive data is easily stolen from users if layered protection is not in place. If keylogging software is silently installed on a user's machine, then the program may be able to transmit captured data to its author without the user's knowledge. A comprehensive defense-in-depth security strategy would be almost certain to prevent such an attack.

Software licensing

Least Privilege Security can also help organizations to manage software licensing. While it doesn't necessarily remove the need to audit programs installed across an enterprise, enforcing a standard image using least privilege reduces the chances that your business will fall out of compliance through unauthorized or unlicensed applications being installed on desktops.